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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 5 

[0001] The present invention relates to a secured 
memory in accordance with the precharacterizing por- 
tion of claim 1 . Such a security memory is known from 
GUEULLE P: 'LES E2PROM SERIE SECURISEES' 
ELECTRONIQUE RADIO PLANS, FR, SPE, PARIS, no. 
548, 1 July 1993(1993-07-01), pages 23-28, 
XP000377636 ISSN: 1144-5742. 

2. The Prior Art 

[0002] The use of plastic cards for payment has ex- 
isted since the 1 950's with the introduction of the Diners 
Club card. The explosion in their use since that lime has 
been nothing short of phenomenal. Today, millions of 
cards are issued annually by different organizations, so 
that their use for both payment and the recordation of 
information is now almost universal. 
[0003] Originally, these plastic cards were embossed 
and had a signature line which could be used for com- 
parison to maintain security. However, as can be imag- 
ined, this was not much of a deterrent to fraud and mis- 
use. The first major security improvement was the ad- 
dition of a magnetic stripe on the back of the embossed 
card. Plastic cards with a magnetic stripe are probably 
the most popular form of payment and information card 
available today. The memory storage provided by the 
magnetic stripe also permitted the recordation of far 
greater amounts of information than could be embossed 
on the face of a plastic card. Though these cards provide 
some level of protection, it is not all that difficult for the 
data stored on a magnetic stripe to be read, deleted and 
rewritten by anyone with access to the appropriate read/ 
write device. Accordingly, it is less than suitable for the 
storage of confidential data, or for storing a value that 
can be used in place of currency. 
[0004] In response to these limitations, a plastic card 
with a secure memory was developed. These cards are 
known in the industry as "smart cards". The storage area 
of the secure memory is often divided into blocks of 
memory. The object of providing security to a memory 
is to protect against unauthorized access to and tam- 
pering with these blocks. The security is typically pro- 
vided by some combination of both hardware and soft- 
ware. With a secure memory it is possible to write con- 
fidential data that cannot be read or erased, and to pre- 
vent writing of data by controlling the reading, writing 
and erasing with the combination of hardware and soft- 
ware which depend upon particular conditions to occur 
prior to executing these operations. 
[0005] An example of a "smart card" with a secure 
memory, and one which has been widely used is a tel- 
ephone memory card. These cards are prepaid, and the 



value stored electronically in the memory is deducted 
during use by the appropriate amount. Of course, to pre- 
vent misuse it is necessary to prevent the user from tam- 
pering with the card to increment the stored value. If it 
were a magnetic stripe card, rewriting a new value to 
the card could be accomplished easily. 
[0006] One manner known in the art to prevent tam- 
pering with the secured memory to increment a stored 
value is to provide a secure code that is known only to 
the issuer of the card. A systematic attack to determine 
the secure code is deterred by an attempt counter that 
prevents further use of the card if the number of attempts 
to present a valid secure code exceeds a predetermined 
number. When a valid secure code is presented prior to 
the attempt counter reaching its limit, the attempt coun- 
ter is reset to zero. Each of these blocks are further pro- 
tected by an erase code that must he presented before 
the storage block can be erased. Unfortunately, these 
erase codes are vulnerable to systematic attack. 
[0007] Another manner of preventing tampering with 
telephone memory cards has been to make it virtually 
impossible to erase a memory cell once it has been writ- 
ten to. For this type of card, a fuse is typically blown 
which disables the erase function of the memory. Ac- 
cordingly, as the reduction in the value in the card is 
made by writing to the memory, the additional value can- 
not be added to the memory by an erase. Though this 
is a fairly adequate way to prevent tampering, it is not 
attractive for the reason that once the value on the card 
has been depleted, the card cannot be reused by adding 
additional value to the card. 

[0008] Accordingly, it is an object of the present inven- 
tion to provide additional security for memories which 
are incorporated into devices that require secured mem- 
ory, such as smart cards. 

[0009] Further, it is another object of the present in- 
vention to provide security for memories which are in- 
corporated into devices with secured memory, such as 
smart cards, that dues not prevent the smart card from 
being repeatedly reused in its customary manner. 

BRIEF DESCRIPTION OF THE INVENTION 

[0010] According to the present invention, a secured 
memory comprises a first level security zone having an 
access code controlling access to said secured memory 
prior to an issuer fuse being blown, a security code at- 
tempts counter preventing access to said secured mem- 
ory when a predetermined number of attempts at match- 
ing said access code have been made prior to resetting 
said security code attempts counter, a plurality of appli- 
cation zones characterized in that each of said plurality 
of application zones comprising: a storage memory 
zone, an application security zone having an application 
zone access code controlling access to said storage 
memory zone after an issuer fuse has been blown, an 
application zone security code attempts counter pre- 
venting access to said application zone when a prede- 
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termined number of attempts at matching said applica- 
tion zone access code have been made prior to resetting 
said application zone security code attempts counter an 
erase key partition having an erase key code controlling 
erase access to said storage memory zone after an is- 5 
suer fuse has been blown, and an erase key attempts 
counter preventing erase access to said application 
zone when a predetermined number of attempts at 
matching said erase key code have been made prior to 
resetting said erase key attempts counter. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0011] 

FIG. 1 illustrates a general architecture in block di- 
agram of a secured memory according to the 
present invention. 

FIG. 2 depicts a memory map of an EEPROM mem- 
ory partitioned according to the present invention. 

FIG. 3 illustrates a timing diagram of a security code 
comparison and validation according to the present 
invention. 

FIG. 4A illustrates a timing diagram of a reset oper- 
ation suitable for use in the present invention. 

FIG. 4B illustrates a timing diagram of a read oper- 
ation suitable for use in the present invention. 

FIG. 4C illustrates a timing diagram of a compare 
operation suitable for use in the present invention. 

FIG. 4D illustrates a timing diagram of an erase/ 
write operation suitable for use in the present inven- 
tion. 

FIG. 5 illustrates schematic diagram of a circuit for 
controlling the location of the address in the EEP- 
ROM memory suitable for use according to the 
present invention. 

FIG. 6 Illustrates schematic diagram of a circuit for 
comparing a security code suitable for use accord- 
ing to the present invention. 

FIG. 7 illustrates schematic diagram of a circuit for 
write zero verification suitable for use according to 
the present invention. 

FIG. 8 illustrates schematic diagram of a circuit for 
setting a security flag suitable for use according to 
the present invention. 

FIG. 9 depicts a table of access conditions for per- 
sonalizing the secured memory prior to a fuse being 



set to logic '0' according to the present invention. 

FIG. 1 0 illustrates schematic diagram of a circuit for 
setting Rn and Pn gags suitable for use according 
to the present invention. 

FIG . 1 1 depicts a table of access conditions for per- 
sonalizing the secured memory after a fuse is set 
to logic '0' according to the present invention. 

FIG. 12A illustrates schematic diagram of a circuit 
for generating a read enable signal according to the 
present invention. 

FIG. 12B illustrates schematic diagram of a circuit 
for generating a fuse write control signal and a write 
control signal according to the present invention. 

FIG. 12B illustrates schematic diagram of a circuit 
for generating an erase control signal according to 
the present invention. 

FIG. 1 3 illustrates schematic diagram of a circuit for 
generating fuse write, write and erase enable sig- 
nals according to the present invention. 

DETAILED DESCRIPTION OF A PREFERRED 
EMBODIMENT 

[001 2] Those of ordinary skill in the art will realize that 
the following description of the present invention is illus- 
trative only and not in any way limiting. Other embodi- 
ments of the invention will readily suggest themselves 
to such skilled persons. 

[0013] Typically, at least three groups of individuals 
are involved in the handling of a secured memory that 
is incorporated into a smart card. The first is the manu- 
facturer of the secured memory. The second is the card 
manufacturer that incorporates the secured memory in- 
to the smart card and then distributes the smart card to 
the end user. (Often the card manufacturing and card 
issuer or distributor roles are performed by different 
groups of individuals). The third is the user of the se- 
cured memory which has obtained the product from the 
issuer or distributor. According to the present invention, 
greater security than is known in the prior art is provided 
to prevent the unauthorized use of the secured memory 
by end users orthose not involved in the handling of the 
secured memory. 

[0014] A block diagram of the generalized architec- 
ture of a secured memory 10 according to the present 
invention is illustrated in FIG. 1 . In the secured memory 
10, there are blocks for a power on reset 12, address 
decoder 1 4, security logic 1 6. and an EEPROM memory 
18. The secured memory 10 has eight pins, namely, 
VDD, VSS, RST, CLK, PGM, FUS, and I/O connected 
to the various blocks in the secured memory 10 as 
shown. As will be explained below, the EEPROM mem- 
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ory 18 is partitioned, and authorized access to the var- 
ious partitions to perform the operations of READ, 
WRITE, COMPARE, and ERASE is controlled by the se- 
curity provided according to the present invention. 
[0015] In preventing the unauthorized access to the 
EEPROM memory 18 two potential instances of unau- 
thorized access must be addressed. The first instance 
arises because of the transmittal of the secured memory 
10 from the manufacturer of the secured memory 10 to 
the issuer of the secured memory 1 0. To prevent the un- 
authorized use of the secured memory 1 0 by those who 
might intercept the secured memory 1 0 from the issuer, 
a security code determined by the manufacturer and 
conveyed to the issuer must be used by the issuer to 
gain access to the secured memory. According to the 
present invention, security is provided to prevent unau- 
thorized use by one other than the end user, and to pre- 
vent anyone other than the issuer to tamper with or use 
the memory in a manner not permilted by the issuer. 
[0016] Turning now to FIG. 2, a memory map 20 indi- 
cating the various memory partitions made to the EEP- 
ROM memory 18 is set forth. In memory map 20, the 
address in the EEPROM memory 18 of each memory 
partition is identified along with the number of bits for 
each of the memory partitions. For example, the parti- 
tion labelled Fabrication Zone, to be discussed below, 
is found at addresses 0 through 15 in the memory map 
20 and is allocated 16 bits. The bits in the EEPROM 
memory 18 arc grouped together as 8-bit words. The 
memory map 20 of the EEPROM memory 18 has been 
divided into four sections 22, 24, 26, and 28 for a more 
ready understanding of each of the memory partitions. 
[0017] Section 22 of memory map 20 contains parti- 
tions for the manufacturer and the issuer. The partitions 
in section 22 are the Fabrication Zone, Issuer Zone, Se- 
curity Code, Security Code Attempts Counter, and Code 
Protected Zone. The Code Protected Zone is also ac- 
cessible to the end user. 

[0018] The Fabrication Zone and Issuer Zone each 
contain information that is pertinent to the manufacturer 
and the issuer, respectively. The Fabrication Zone is 
programmed by the secured memory manufacturer, and 
is not alterable. Access to the Issuer Zone is controlled 
by a security code flag which is set when a valid security 
code is recognized by the secured memory 10. 
[001 9] The partition for the Secu rity Code contai ns the 
security code which must be matched by the issuer to 
access the EEPROM memory 18 and to thereby per- 
sonalize various partitions in the EEPROM memory 18. 
The security code acts to secure transportation between 
the manufacturer and the issuer, and as will be ex- 
plained more fully below, afterthe EEPROM memory 1 8 
is personalized by the issuer, the security code prevents 
unauthorized access to the application zones of the 
EEPROM memory 10. As such, the security code is a 
global access control for the entire EEPROM memory 
18. 

[0020] The Security Code Attempts Counter tallies 



the number of attempts made at presenting a security 
code. The secured memory 10 is locked if the Security 
Code Attempts Counter records eight non-valid presen- 
tations of a security code. The Code Protected Zone is 

5 a partition that can be used as a scratch pad wherein 
READ access is permitted, and WRITE/ERASE opera- 
tions are controlled by the security code flag. 
[0021] Section 24 of memory map 20 contains four 
application zones, that include partitions for both secu- 
re rity and memory storage. Each of the four application 
zones illustrated in memory map 20 includes a partition 
for a Security Code, a Security Code Attempts Counter, 
an Erase Key an Erase Key Attempts Counter partition, 
and a Storage Memory Zone. Once the EEPROM mem- 

15 ory 1 8 has been personalized by the issuer, the parti- 
tions for the Security Code and Security Code Attempts 
Counter in each of the application zones control read 
and write access in combination with other security 
measures, to their associated Storage Memory Zone, 

20 and the partitions for the Erase Key and Erase Key At- 
tempts Counter in each of the application zones control 
erase access, along with other security measures, to 
their associated Storage Memory Zone. It should be ap- 
preciated that to those of ordinary skill in the art. writing 

25 to an EEPROM is the process of placing a logic '0' in an 
EEPROM memory bit and erasing is the process of plac- 
ing a logic '1' in an EEPROM memory bit. 
[0022] Section 26 is a Memory Test Zone is provided 
to test all the operations of the secured memory 1 0 with- 

30 out the need for security access. 

[0023] Section 28 is a partition for a Fuse. Once the 
secured memory 10 is personalized by the issuer, the 
Fuse partition 28 is permanently "blown" by setting it to 
logic '0'. It should be appreciated that the bit which is 

35 blown is a stand alone bit of EEPROM memory that is 
set permanently to a logic '0'. 

[0024] As discussed above, when a secured memory 
10 is transmitted from the manufacturer to the issuer, a 
security code determined by the manufacturer is con- 

40 veyed by the manufacturer to the issuer. For the secured 
memory 1 0 to be accessed by the issuer to personalize 
the secured memory 1 0 for the user, the issuer must in- 
put the security code conveyed by the manufacturer for 
comparison with the security code as programmed by 

45 the manufacturer of the secured memory into the Secu- 
rity Code partition in section 22 of the memory map 20. 
For the issuer to gain access to the EEPROM memory 
18 there must be an exact match of the security code 
input by the issuer with the security code programmed 

so by the manufacturer. 

[0025] To prevent a systematic attack on the secured 
memory 1 0 by an unauthorized person, each attempted 
access to the secured memory 1 0 by inputting a security 
code to be compared with the security code pro- 

55 grammed by the manufacturer is tallied by the Security 
Code Attempts Counter in section 22. If eight unsuc- 
cessful attempts are made to match a security code to 
the programmed security code, the ability to set the se- 
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curity flag is no longer possible. Each time an input se- 
curity code is compared to the programmed security 
code, and a match is made, the security code attempts 
counter is reset to zero. 

[0026] Turning now to FIG. 3, the timing diagram 30 5 
for the successful security code comparison and a set- 
ting of the security code flag is shown. In the timing di- 
agram 30, the operations of RESET. READ, COMPARE, 
WRITE and ERASE are performed. The timing dia- 
grams for the RESET, READ, COMPARE, and ERASE/ 
WRITE operations are set forth in FIGS. 4A through 4D, 
respectively. 

[0027] As illustrated in timing diagram 30, to compare 
a security code with the security code programmed by 
the manufacturer, a reset signal is first provided to the 
RST (reset) pin of the secured memory 10. In the RE- 
SET operation, the address counter in the address de- 
coder 1 4 is reset to zero and the first hit of the EEPROM 
memory 18 is available on the I/O pin after the falling 
edge of the reset signal. Next, the address counter is 
incremented by a signal provided to the CLK (clock) pin 
while the signal provided to the PGM (program/erase) 
pin of the secured memory 10 is held low until the ad- 
dress of the security code partition is reached. This is a 
READ operation. 

[0028] The address counterforthe EEPROM memory 
18 is controlled by the address count control circuit 40 
is set forth in FIG. 5. Two signals, CLKR and R are pro- 
duced by the address count control circuit 40 to control 
a multi-stage counter that is used to generate the de- 
sired address of the EEPROM memory 18. The CLKR 
signal is an internal clock signal used to increment the 
address counter, while the R signal is an internal signal 
used to reset the address counter to zero. 
[0029] The address count control circuit 40 has the 
following input signals: 

PGMERASEFUNC WRT, CLK, RST, FLGRST, and 
CPUB. In the address count control circuit, the PGMER- 
ASEFUNC and WRT signals are both connected to the 
inputs of a NOR gate 42. The output of the NOR gate 
42 and the CLK signal are connected to the inputs of an 
AND gate 44. The output of the AND gate 44 and the 
RST signal are connected to the inputs of a NOR gate 
46, and the output of the NOR gate 46 is passed through 
inverters 48 and 50 to form the CLKR signal. The CLK 
signal and the FLGRST signal are connected to the in- 
puts of an AND gate 52. The output of the AND gate 52 
and the CPUB signal are connected to the inputs of a 
NOR gate 54 having an output connected to the nega- 
tive edge triggered clear input of a D-type flip-flop 56. 
The RST signal is also connected through an inverter 
58 to the clock input of the D-type flip-flop 56. The data 
input of the D-type flip-flop 56 is held HIGH through an 
inverter 60 connected to Vss. The data output of the D- 
type flip-flop 56 and the CPUB signal are connected to 
the inputs of a NOR gate 62. and the output of the NOR 
gate 62 is passed through an inverter 64 to form the R 
signal. 



[0030] The PGMERASEFUNC signal is internally 
generated by a circuit to be described below. It is gen- 
erated to suspend the address counter by not passing 
the CLK signal through AND gate 42 as it toggles, as 
can be appreciated upon inspection of the address 
count control circuit 40, when an erase or write cycle is 
being performed. The RST signal is generated external- 
ly to reset the address counter to zero. When the RST 
signal makes a transition from HIGH to LOW, D-type flip- 
flop 56 is clocked, and data output D-type flip-flop 56 
goes HIGH. As a result, the R signal goes HIGH and the 
address counter is reset to zero. The FLGRST signal 
resets the R signal LOW after the address counter has 
been reset to zero when the R signal went HIGH. The 
FLGRST signal is generated by the address counter 
when the address in the EEPROM memory 18 is zero 
either when the EEPROM memory 1 8 is reset orthe ad- 
dress counter has rolled over to zero. The CPUB signal 
is generated when the secured memory 10 is powered 
up. 

[0031] The output of the address counter is fed into a 
control word identifier that is employed to generate con- 
trol word signals to indicate when particular addresses 
in the EEPROM memory 18 have been reached. The 
control word identifier also generates a signal for the first 
bit, the second bit, and the eighth (last) bit of each word 
in the EEPROM memory 1 8. As will be described more 
fully below, the signals generated by the control word 
identifier are used by the security logic to identify which 
partition in the EEPROM memory 1 8 is being accessed, 
as well as whether the first, second, or last bits of a word 
are also being addressed. 

[0032] A bit by bit comparison of the programmed se- 
curity code to the security code presented to the I/O pin 
is then made as the clock signal increments the address 
of the programmed security code. The comparison is 
made by the compare bit circuit 70 illustrated in FIG. 6. 
In the compare bit circuit 70, data read out from the EEP- 
ROM 18 a bit at a time by a sense amplifier on the 
SAOUT line is compared by XNOR gate 72 with the se- 
curity code being input on the I/O line as it is clocked 
through the D-type flip-flop 74. In the COMPARE oper- 
ation, the address counter is incremented on the falling 
edge of the clock, and the input data is latched on the 
rising edge of the clock. The comparison is done on the 
next falling edge of the clock. 

[0033] A comparison is made at the time D-type flip- 
flop 82 is clocked. As the comparison is made, the CMP- 
BIT must remain HIGH for the comparison to indicate a 
match. For the CMPBIT to be HIGH, both of the inputs 
to NAND gate 80, must be HIGH, if one of the inputs 
goes LOW, then the CMPBIT signal will stay LOW. 
Since, one of the inputs to NAND gate 80 is connected 
to the output of OR gate 78, the output of OR gate 78 
must remain HIGH for the CMPBIT signal to remain 
HIGH. The inputs to OR gate 78 are the output of the 
comparison from XNOR gate 72 and the SC WORD sig- 
nal fed through inverter 76. When the address counter 
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is within the partition containing the security code, the 
SC WORD signal is HIGH, and as a result, the output 
of OR gate 78 may not be made HIGH by the SC WORD 
signal while the address counter is with the partition for 
the security code. Rather, it is when the bits being com- 
pared are the same that the output of XNOR gate 72 is 
HIGH to provide a HIGH output from the OR gate 78 so 
that the CMPBIT remains HIGH. If during the compari- 
son, the output of OR gate 78 goes LOW, then the CMP- 
BIT will go LOW and remain LOW. It should be noted 
that if the power is shut off during the comparison, the 
COMPARE operation is quit because the D-type flip-flop 
is reset by the CPUB signal. A FLGRST signal will reset 
the D-type flip-flop 82, thereby allowing another COM- 
PARE operation. 

[0034] After a match of the programmed security code 
to the input security code, a validation operation must 
be performed. In the validation operation, the Security 
Code Attempts Counter is incremented and a READ op- 
eration is performed until a logic '1* is found in the Se- 
curity Code Attempts Counter. During a READ opera- 
tion, the address counter is incremented. In the READ 
operation, when the address counter is incremented, 
the first bit is available on the I/O after the falling edge 
of the clock. It should be appreciated that a Security 
Code Attempts Counter that has all logic *1's indicates 
that no unsuccessful attempted matches have been 
made since the Security Code Attempts counter was re- 
set. At the address in which the logic T is found, a 
WRITE operation is then performed to place a logic '0' 
at that address location. 

[0035] The write zero verification circuit 90 is illustrat- 
ed in FIG. 7. The input signals to the write zero verifica- 
tion circuit 90 are CPUB, CLK, PGM, and SAOUT The 
CPUB signal is connected through an inverter 92 to an 
input of an AND gate 94 and the clear input 'C of D-type 
flip-flop 100. The CLK signal is connected to the input 
of a first NAND gate 96, a second IMAND gate 98, the 
clock input of a D-type flip-flop 100. and a third NAND 
gate 1 02. The PGM signal is connected to the clock in- 
put of a D-type flip-flop 1 04, and through an inverter 1 06 
to the data input of D-type flip-flop 100 and to an input 
of third NAND gate 102. The data output of D-type flip- 
flop 1 00 is also connected to an input of third NAND gate 
102. The output of third NAND gate 102 is connected to 
an input of AND gate 94. The SAOUT signal is connect- 
ed to the data input of the D-type flip-flop 1 04. Another 
input of first NAND gate 96 is connected to the data out- 
put of D-type flip-flop 104 through an inverter 108. The 
output of first NAND gate 96 is connected to one input 
of an AND gate 110, while the other input of AND gate 
1 1 0 is connected to the output of AND gate 94. The out- 
put of AND gate 94 is also connected to the negative 
edge triggered clear input 1 C of D-type flip-flop 1 1 2, and 
an input of NAND gate 98. The data output of D-type 
flip-flop 1 04 is also connected to NAND gate 98. and the 
inverted output of D-type flip-flop 104 is connected to 
the clock input of D-type flip-flop 112. Vss is connected 



to the data input of D-type flip-flop 112 through an in- 
verter 114, and the data output of D-type flip-flop 112 
forms the output of write zero verification circuit 90 after 
passing through inverters 116 and 118. 

5 [0036] Referring now to FIG. 7, the validation opera- 
tion will be explained. When a logic T is read from the 
security code attempts counter following a COMPARE 
operation, as discussed above, the SAOUT signal 
should be a logic '1'. As the PGM signal goes HIGH to 

10 start a WRITE '0' to the address in the security code at- 
tempts counter from which the logic'1 ' was read, a logic 
T should be latched at the 'Q' output of D-type flip-flop 
104. At this point, the WROVEN signal is LOW. If a 
WRITE '0' occurred, the SAOUT signal will be latched 

*5 on the next rising edge of PGM. 

[0037] An ERASE operation is then performed on the 
Security Code Attempts Counter. This will result in a log- 
ic T being latched at the output of D-type flip-flop 112 
on the rising edge of the clock input of D-type flip-flop 

20 112. It should be appreciated that when a WRITE oper- 
ation is performed only a single bit is changed, but when 
an ERASE operation is performed the whole byte is 
changed. A READ operation is then performed to indi- 
cate that the security code flag has been sot because 

25 an erasure of the Security Code Attempts Counter has 
been permitted. A READ out of a logic '1' indicates that 
the security code flag has been set because an erasure 
of the Security Code Attempts Counter has occurred. A 
READ out of a logic '0' indicates that the security code 

30 flag has not been set because no erasure of the Security 
Code Attempts Counter has occurred. D-type flip-flop 
100, NAND gate 102 and AND gate 94 ensure that the 
WROVEN signal will be forced to a logic '0' if the power 
is reset or the address is incremented. 

35 [0038] Once a successful COMPARE has been 
made, and a WRITE operation has been performed, the 
security code flag will be set by the security flag circuit 
120 illustrated in FIG. 8. The inputs to the security code 
flag circuit 120 are ENABLE, CPUB, WROVEN, AC- 

40 WORD : and CMPBIT, and the output is SV The ENA- 
BLE signal is connected through an inverter 122 to an 
input of a NOR gate 1 24, and also to an input of a NAND 
gate 126. Connected to two other inputs of NAND gate 
126 are the signals ACWORD and CMPBIT. The CPUB 

45 signal is connected to another input of NOR gate 124, 
and the output of NOR gate 1 24 is connected to the neg- 
ative edge triggered clear input 'C of a D-type flip-flop 
128. WROVEN signal is connected to the clock input of 
D-type flip-flop 128. The data input of D-type flip-flop 

so 1 28 is connected to the output of a NAND gate 1 30 hav- 
ing a first input connected to the output of NAND gate 
126 and a second input connected to the data output of 
D-type flip-flop 128 through an inverter 132. 
[0039] Given that the CMPBIT input to NAND gate 

55 1 26 is still HIGH following the security code comparison, 
when WROVEN rises, D-type flip-flop 128 will latch a 
HIGH output SV (Given that ENABLE and AC WORD 
are also HIGH) SV will remain HIGH as long as power 
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is supplied to the secured memory 10 and ENABLE is 
HIGH, since the logic T on SV feeds though an inverter 
to NAND gate 130 to input a logic '0' to the NAND gate 
130. The input to D-type flip-flop 128 will remain HIGH 
due to this feedhack. 5 
[0040] Once the security code flag has been set 5 the 
issuer of the secured memory 1 0 has access to person- 
alize the application zones for the end user. After per- 
sonalizing the desired portions of the secured memory 
1 0 to which the issuer has access, the value in the Fuse 
in section 28 is written to a logic '0'. Set forth in table 1 
in FIG. 9 are the access conditions for personalizing the 
secured memory 1 0 prior to the Fuse being set to logic 
'O*. To personalize the secured memory 10, the issuer 
writes or erases the desired data into the secured mem- 
ory 1 0 as permitted by the access conditions. In table 1 , 
the code SV represents the security code flag which 
when set is a logic T, the code Rn is a read flag for the 
Application Zones where n=1 , 2, 3, or 4 correspond to 
the four Application Zones, and 'X' indicates a don't 
care. 

[0041] As a first example, in the partition for the Se- 
curity Code Attempts Counter (SCAC) when SV=0, i.e. 
security code flag not set, only read and write access is 
permitted, and when SV=1 , i.e. code flag set, read , write 
and erase access is permitted. As a second example, 
in the partition for the first Storage Memory Zone 
(SMZ1), when SV=0 and R1=0 no access is permitted, 
when SV=0 and R1=1 read access is permitted, when 
SV=1 , read, write, and erase access is permitted. In the 
preferred embodiment, the Rn flag is set by the value in 
the second bit in each of the four Storage Memory 
Zones. The Rn flag will remain set until the power of the 
secured memory is disabled even though the second bit 
in the particular Storage Memory Zone may be written 
to a logic '0' by a subsequent operation. 
[0042] Illustrated in FIG . 1 0 is a P and R flag set circuit 
140 which sets the Rn flag. The P and R flag set circuit 
140 also sets a Pn flag to he described below. The P 
and R flag set circuit 140 has input signals C PUB, CLKB, 
BIT0, SAOUT, WORD, and BIT1. The CPUB signal is 
connected to a reset input 'R' of D-type flip flops 1 42 and 
144. The CLKB signal is connected to the clock input or 
D-type flip flops 142 and 144. The SAOUT and WORD 
signals are connected to the first and second inputs of 
AND gates 146 and 148, and the BIT0 and BIT1 signals 
are connected to first inputs of AND gates 146 and 148, 
respectively. The outputs of AND gates 1 46 and 1 48 are 
connected to a first input of NOR gates 150 and 152, 
respectively. The outputs of NOR gates 1 50 and 1 52 are 
connected to the data inputs of D-type flip-flops 1 42 and 
144, respectively. The data outputs of D-type flip-flops 
1 42 and 1 44 are fed back to second inputs of NO R gates 
150 and 152, respectively, and also form the Pn and Rn 
flags. 

[0043] In the operation of the P and R flag set circuit 
140, the BIT0, BIT1 , and WORD signals are set by the 
control word identifier circuit. In setting a particular Rn 



flag, the address is at the partition in the memory from 
which the Rn flag is to be read, the WORD signal and 
BIT1 of that word will be HIGH, and if the value at BIT1 
read out. on the SAOUT line is also HIGH the RN flag 
will be set. The Rn flag will remain set until the power of 
the secured memory is disabled by the CPUB signal. 
This is true even though the second bit in the particular 
Storage Memory Zone may be written to a logic '0' by a 
subsequent operation, thereby forcing the output of 
AND gate 148 to a logic '0', because the output of D- 
type flip-flop 144 in being fed back through OR gate 152 
will keep the output of OR gate 152 at a logic 1\ The 
operation for setting of the Pn flag is similar to that of 
setting the Rn flag, except that the BIT0 signal is em- 
ployed instead of the BIT1 signal. 
[0044] Those of ordinary skill in the art can readily ap- 
preciate from FIG. 9 which flags must be set to read, 
write, erase or compare data in the partitions of the se- 
cured memory 10. Reading, writing, erasing, and com- 
paring data in the secured memory 10 is accomplished 
by applying the appropriate sequence of signals to the 
pins of the secured memory 10 as taught by the timing 
diagrams in FIGS. 4A through 4D. 
[0045] For example, to write to the partition for the Se- 
curity Code in the first application zone, the address of 
the EEPROM memory 10 is first reset to zero by per- 
forming a RESET operation. Those of ordinary skill in 
the art will recognize that a RESET operation may be 
performed by applying signals to the pins of the secured 
memory in the order dictated by the timing diagram for 
the RESET operation set forth in FIG. 4A. A READ op- 
eration is then performed until the address in the ad- 
dress counter is incremented to the initial address to the 
partition for the Security Code in the first application 
zone. Finally, a WRITE operation is performed to write 
the desired data to the address of the Security Code in 
the first application zone. As set forth above, once the 
issuer is finished personalizing the secured memory 10 
for the end user, the Fuse partition is permanently set 
to logic '0' to emulate the state of a blown fuse. 
[0046] Once the fuse has been blown, access to the 
secured memory is determined according to the access 
conditions set forth in table 2 in FIG. 1 1 . In table 2, there 
are three additional codes that were not present in table 
1 of FIG. 9. These codes are Sn, Pn, and En. The code 
Sn represents a security code flag for the four Applica- 
tion Zones where n=1 , 2, 3, or 4 correspond to the four 
Application Zones. 

[0047] When the security code flag for a particular Ap- 
plication Zone is set, the Sn code is a logic T. To set 
the Sn flag in a particular application zone, a secure 
code which matches the security code stored in the Se- 
cure Code partition of the particular application zone 
must be presented. The compare and validation opera- 
tions are performed in the same manner discussed 
above for the security code found in the Secure Code 
partition of section 22. The only difference is that the 
comparison will understandably begin at the address of 
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the Secure Code partition associated with the selected 
application zone. 

[0048] The code Pn is a write flag for each of the four 
application zones. In the preferred embodiment, the Pn 
flag is set by the value in the first bit in each of the four 
Application Zones. The Pn flag when set is a logic T. 
The P.n flag will remain set until the power of the secured 
memory is disabled even though the first bit in the par- 
ticular Application Zone may be written to a logic *0' by 
a subsequent operation. The setting of the Pn flag is ac- 
complished as described with respect to FIG. 10. 
[0049] The code En represents an erase code flag for 
the four Application Zones. When the erase code flag 
for a particular Application Zone is set, the En code is a 
logic T. To set the En flag in a particular application 
zone, an erase code which matches the erase code 
stored in the Erase Key partition of the particular appli- 
cation zone must be presented. The compare and vali- 
dation operations are performed in the same manner 
discussed above for the security code found in the Se- 
cure Code partition of section 22. The only difference is 
that the comparison will understandably begin at the ad- 
dress of the Erase Key partition associated with the se- 
lected application zone. 

[0050] For the end user to obtain access to the various 
partitions of the EEPROM 18 for reading, writing, eras- 
ing and comparing, the correct combinations of the SV, 
Sn, Pn, Rn, and En flags must be set. As examples, the 
required combinations of the SV, Sn, Pn, Rn, and En 
flags that must be set to read, write, erase, and compare 
in one of the Storage Memory Zones will be discussed. 
[0051] In the Memory Storage Zones, the access pro- 
vided by different combinations of flags may be readily 
understood by dividing the different combinations of 
flags into three groups. In the first group, Sn=0, and the 
only access to the Storage memory Zone permitted is a 
READ operation that may occur when the Rn=1 . In the 
second group, SV=1 , Sn=1 , and Pn=0. When this set of 
flags occur, access to the Storage Memory Zone de- 
pends upon the En flag. If En=0, then only a READ op- 
eration is permitted. Otherwise, if En=1 , then READ and 
ERASE operations are allowed. In the third group, 
SV=1, Sn=1, and Pn=1. When this set of flags occur, 
access to the Storage Memory Zone depends upon the 
En flag. If En=0, then READ and WRITE operations are 
permitted. Otherwise, if En=1 , then READ, WRITE and 
ERASE operations are permitted. 

[0052] Accordingly, the following observations should 
be made. First, the only time a READ from the Memory 
Storage Zone is not permitted is when both Sn=0 and 
Rn=0. Second, the only time a WRITE is permitted is 
when SV=1, Sn=1, and Pn=1. Third, the only time an 
ERASE is permitted is when SV=1 , Sn=1 , and En=1 . 
[0053] The circuit diagram of the combinatorial logic 
for generating the enable signals sent to the EEPROM 
18 so that a READ, WRITE, or ERASE, of the data in 
the EEPROM 18 can be made, and the enable signals 
for blowing the fuses for personalization as described 



above is illustrated in FIGS. 12A-12C. One of ordinary 
skill in the art will readily recognize from FIGS. 1 2A -1 2C 
that the flags must be set as previously described to ob- 
tain the desired output enable signals from FIGS. 12A- 

5 12C. For example, FIG. 12A generates a read enable 
signal which is HIGH when the PGMERASEFUNC is 
LOW, the MEM signal is HIGH, and flags for a selected 
partition being accessed is also HIGH. To avoid over- 
complicating the disclosure, each of these flags which 

10 have been described above will not be described again 
herein. 

[0054] FIGS. 12B and 12C generate write control 
(WRT GTRL), fuse write control (FZ WRT CTRL), and 
clear or erase control (CLR CTRL), respectively, from 

15 flags set as described above. The WRT CTRL, FZ WRT 
CTRL, and CLR CTRL signals are then fed into a write 
and erase control circuit illustrated in FIG. 13 that gen- 
erates the signals WRTEN, CLREN, and WRT em- 
ployed by the EEPROM 1 8 to write and erase data, and 

20 also generates the enable signal for controlling the pro- 
gramming signal for the fuses, FZ WRT EN. Those of 
ordinary skill in the art will readily appreciate the oper- 
ation of the circuits set forth in FIGS. 12A- 12C, and 13 
to generate the enable signals for read, write, erase, and 

25 fuse programming according to the flags described 
above. 



Claims 

30 

1. A secured memory (20) comprising: 

a first level security zone (22) having an access 
code (SC) controlling access to said secured 
35 memory (20) prior to an issuer fuse (28) being 

blown; 

a security code attempts counter (SCAC) pre- 
venting access to said secured memory (20) 
when a predetermined number of attempts at 
40 matching said access code have been made 

prior to resetting said security code attempts 
counter (SCAC) 

a plurality of application zones (1 , 2, 3, 4) char- 
acterized in that each of said plurality of appli- 
es cation zones comprises 

a storage memory zone (SMZ1 SMZ4); 

an application security zone (SC1,..., SC4) 
having an application zone access code con- 
trolling access to said storage memory zone af- 
50 ter an issuer fuse has been blown; 

an application zone security code attempts 
counter (S1 AC,..., S4AC) preventing access to 
said application zone when a predetermined 
number of attempts at matching said applica- 
55 tion zone access code have been made prior 

to resetting said application zone security code 
attempts counter; 

an erase key partition (EZ1 , .... EZ4) having an 
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erase key code controlling erase access to said 
storage memory zone after an issuer fuse has 
been blown; and 

an erase key attempts counter (E1AC, 
E4AC) preventing erase access to said appli- 
cation zone when a predetermined number of 
attempts at matching said erase key code have 
been made prior to resetting said erase key at- 
tempts counter. 

Patentanspruche 

1 . Sicherer Speicher (20) mit: 

einer Sicherheitszone (22) einer ersten Ebene 
mit einem Zugriffscode (SC), der den Zugriff auf 
diesensicheren Speicher (20) steuert, bevor ei- 
ne seilens des Ausgebers vorgesehene Siche- 
rung (28) durchbrennt; 

einem Zahler der versuchten Sicherheitscode- 
eingaben (SCAC), der den Zugriff auf den si- 
cheren Speicher (20) verhindert, wenn eine 
vorgegebene Anzahl Versuche, dem Zu- 
griffscode zu entsprechen, vorgenommen wor- 
den ist, bevor der Zahler der versuchten Sicher- 
heitscodeeingaben (SCAC) ruckgesetzt wird; 
einer Mehrzahl Anwendungszonen (1 , 2, 3, 4), 
dadurch gekennzeichnet, dass jede Zone 
dieser Mehrzahl Anwendungszonen Folgen- 30 
des aufweist: 

eine Speicherzone (SMZ1 , SMZ4); 
eine Anwendungssicherheitszone (SC1, 

SC4) mit einem Anwendungszonen-Zu- 35 
griffscode, der den Zugriff auf die Spei- 
cherzone steuert, nachdem eine seitens 
des Ausgebers vorgesehene Sicherung 
durchgebrannt ist; 

einen Zahler der versuchten Eingaben des *o 
Anwendungszonen-Sicherheitscodes 
(S1 AC, .... S4AC), der den Zugriff auf die 
Anwendungszone verhindert, wenn eine 
vorgegebene Anzahl Versuche, dem An- 
wendungszone n -Zugriffscode zu entspre- *s 
chen, vorgenommen worden ist, bevor der 
Zahler der versuchten Eingaben des An- 
wendungszonen-Sicherheitscodes riick- 
gesetzt wird, 

eine Loschtastenpartition (EZ1, EZ4) so 
mit einem Loschtastencode, der den 
Loschzugriff auf die Speicherzone steuert, 
nachdem eines seitens des Ausgebers 
vorgesehene Sicherung durchgebrannt ist; 
und 55 
einen Zahler der Loschtastenversuche 
(E1 AC, E4AC), der den Loschzugriff auf 
die Anwendungszone verhindert, wenn ei- 



ne vorgegebene Anzahl Versuche, dem 
Loschtastencode zu entsprechen vorge- 
nommen worden ist, bevor der Zahler der 
Loschtastenversuche ruckgesetzt wird. 



Revendications 

1. Memoire securisee (20) comprenant : 

10 

une zone de securite de premier niveau (22) 
possedant un code d'acces (SC) qui comman- 
de I'acces a ladite memoire securisee (20) 
avant qu'un fusible (28) de I'emetteur ne soit 
15 fondu ; 

un compteur (SCAC) de tentatives de fournitu- 
re de code de securite, empechant I'acces a la- 
dite memoire securisee (20) lorsqu'un nombre 
predetermine de tentatives pour obtenir une 
20 concordance avec ledit code d'acces ont ete 

faites avant un repositionnement dudit comp- 
teur (SCAC) de tentatives defoumiture de code 
de securite ; 

une pluralite de zones d'application (1 , 2, 3, 4), 

25 

caracterisee en ce que chacune desdites 
zones d'application comprend : 

une zone de memoire de stockage (SMZ1 , .... 
SMZ4) ; 

une zone de securite d'application (SC1 , ... 
SC4) possedant un code d'acces a la zone 
d'application qui commande I'acces a ladite zo- 
ne de memoire de stockage apres qu'un fusible 
de I'organisme emetteur a ete fondu ; 
un compteur (S1AC S ... S4AC) de tentatives de 
fourniture de code de securite de zone d'appli- 
cation, empechant I'acces a ladite zone d'appli- 
cation lorsqu'un nombre predetermine de ten- 
tatives pour obtenir une concordance avec ledit 
code d'acces a la zone d'application ont ete fai- 
tes avant un repositionnement dudit compteur 
de tentatives de fourniture de code de securite 
de zone d'application ; 

une partition de cle d'effacement (EZ1 .... EZ4) 
possedant un code de cle d'effacement qui 
commande I'acces d'effacement a ladite zone 
de memoire de stockage apres qu'un fusible de 
I'organisme emetteur a ete fondu ; et 
un compteur (E1 AC, ... E4AC) de tentatives de 
fourniture de cle d'effacement, empechant I'ac- 
ces en effacement a ladite zone d'application 
lorsqu'un nombre predetermine de tentatives 
pour obtenir une concordance avec ledit code 
de cle d'effacement ont ete faites avant un re- 
positionnement dudit compteur de tentatives 
de cle d'effacement. 
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pgmerosefunc ( lo 9 ic ) — 
mem < to q«c) 

Initial state of eeprom: 
entire memory is readable 

fzjuse Coflic) 

Personalization: 
entire memory is readable 
when sv has been set 

, 2 _ fuS e i!ogicL_ 
sv (flag) 



Zones which are always readable 

{ , (address) 
(address) 



scoc (address) 
cp - (address) 
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slac iaddressl 

01ac iaddressI 

( address) 



oi ac ' — ~ ' 
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Storage Memory Zone Read Access Logic: 
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(flag) 
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read_en 
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Access for application zones 



siJiSial 

p (address) 
eioc (ad ^ ress ? 



eioc — — 

SMz1 (^dress) 

p1 Jim 

e1 iliSSL 



ezi (address) 



s2 ( fla 9) 

, rr (address) 

e2oc < addreSS > 



SMz2 (address) 



d2 J!!S9L 



ez2 (address) 



S3 ( fla a ) 
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FROM FIG.12B.1 
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Access in application zones with ISSUER FUSE blown 




FIG. 12C.1 



BNSDOCID: <EP 1 01981 7B1J_> 



24 



EP 1 019 817 B1 




u. o :c — -> —i 



FROM FIG. 12C.1 



CD 



(D CD N 

^ w w 

M M 



O U M N N O 

w § 8-e I • 



E 

o 



25 

BNSDOCID: <EP 1019817B1 J_> 



